jump to ICMP chain to drop unwanted ICMP messages.
drop incoming packets that are not NAT`ed, ether1 is public interface, log attempts with "!NAT" prefix.drop attempts to reach not public addresses from your local network, apply address-list=not_in_internet before, "bridge" is local network interface, log=yes attempts with prefix "!public_from_LAN".drop invalid connection and log them with prefix "invalid".packets with connection-state=established,related added to FastTrack for faster data throughput, firewall will work with new connections only.
0 kommentar(er)
